- A former soldier has pleaded guilty to several charges
- These include fraud, identity theft and conspiracy to hack organizations
- The soldier and his co-conspirators exfiltrated and sold data from the companies
The Department of Justice has announced that a former soldier has pleaded guilty to ‘conspiring to hack the databases of telecommunications companies, access confidential records and extort the telecommunications companies by threatening to release the stolen data unless ransoms were paid.’
The 21-year-old soldier, named Cameron John Wagenius, used online accounts under the pseudonym “Kibermhan0m”. Wagenius admitted to having conspired with others to defraud ‘at least 10’ organizations by stealing login credentials, obtained using a hacking tool called SSH Brute.
Once the data was exfiltrated, the group used its access to extort victims, threatening to publish the stolen data on cybercrime forums and offering to sell the data to other cybercriminals through those forums. These acts allegedly occurred while Wagenius was on active duty in the United States Army.
Extorted data
Some of this data was sold successfully and, according to reports, was used to carry out other fraud campaigns, including SIM swapping. The group tried to extort at least $1 million from its victims.
Wagenius pleaded guilty to extortion in relation to computer fraud, conspiracy to commit wire fraud and aggravated identity theft. Wagenius had previously pleaded guilty separately to two counts of “illegal transfer of confidential telephone records information in relation to this conspiracy.”
Wagenius’s activity has been linked to the Snowflake hack, in which hundreds of customers were affected and significant amounts of data were stolen. This attack was allegedly financially motivated and originated from a group that extorted victims for money in exchange for their stolen data.
Snowflake confirmed that the breach was the result of a successful credential stuffing attack, in which a threat actor tries countless login combinations (usually bought on the black market) until one finally works. Credential stuffing attacks are powerful and effective, and have led to some of the most notorious breaches in recent years.